RSS Alerts

Share

More services

Related Links

Related Stories

  • Internet Explorer zero-day code goes public
    The Internet Explorer exploit code used in the Operation Aurora attack against Google and other technology companies has made it into the public domain, and has been incorporated into the Metasploit penetration testing tool, it was revealed this weekend.
  • Rapid7 acquires Metasploit open source project
    Rapid7, the vulnerability management security specialist, has acquired Metasploit, the ongoing open source security project that developed the Metasploit Framework. The move is billed as allowing Rapid7 to enhance its penetration testing technologies.
  • Researcher to blow lid off 'secure' retail networks
    Next month, a security researcher will unveil a hack that he says could provide backdoor access into thousands of US networks. Rob Havelt, practice manager for the Spider Labs penetration testing laboratory within security firm Trustwave, will demonstrate how to hack into the frequency hopping spread spectrum (FHSS) networks that underpin everything from barcode scanning systems in retail through to some mobile IP phones.
  • Codenomicon gets fuzzy on security testing
    Codenomicon has taken the wraps off a completely reworked version of Defensics X, its security and robustness testing application. The new version is billed as using fuzzing techniques to enhance its capabilities.
  • Idappcom introduces freeware IP traffic analysis software
    Vulnerability specialist Idappcom has released a freeware version of its Traffic IQ Pro security audit and penetration testing software.

Top 5 Stories

News

Rapid7 readies Metasploit Express

23 April 2010

Rapid7 has introduced a new version of its Metasploit penetration testing tool designed for organizations with limited time and budget.

Metasploit Express uses the same framework as the more established Metasploit program, which remains open source, and which is due to be updated with the release of version 3.4 next month. It features the Metasploit Express Workflow Manager, a workflow engine providing a step-by-step model to simplify testing programs and eliminate manual processes.

The system also integrates with Rapid7 NeXpose, a vulnerability management system. Users can launch a vulnerability scan in that product directly from within the Metasploit Express user interface, and Metasploit Express will harvest the vulnerability information garnered by NeXpose, Rapid7 said.

The graphical user interface is complemented by complete user action logs and an advanced penetration testing window, according to Rapid7, which also said that it includes full network penetration testing capabilities. Features included that are found in the original Metasploit product other than the addition of a GUI include automated database compromise and automated device compromise, along with support for penetration testing lifecycle management.

Reports can be exported as XML files, or can be delivered as a standard reports in PDF or Word format. Metasploit Express features configurable administrative settings and site configurations, along with online customer support. It can be used for evidence collection, and provides detailed audit logs, Rapid7 said.


 

This article is featured in:
IT Forensics

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Terms & Conditions |Privacy |Website Design|Reed Exhibitions. All rights reserved. Copyright © 2012